Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 04:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

FileAnalysis: add is_orig field to fa_file & Info.

Browse source
This commit is contained in:
Jon Siwek 2013-04-23 10:50:43 -05:00
parent cd0a8bfbdb
commit f07760ba00
7 changed files with 29 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

5
scripts/base/frameworks/file-analysis/main.bro
View file

@ -46,6 +46,10 @@ export {
## path which was read, or some other input source.
source: string &log &optional;
## If the source of this file is is a network connection, this field
## may be set to indicate the directionality.
is_orig: bool &log &optional;
## The time at which the last activity for the file was seen.
last_active: time &log;
@ -236,6 +240,7 @@ function set_info(f: fa_file)
f$info$id = f$id;
if ( f?$parent_id ) f$info$parent_id = f$parent_id;
if ( f?$source ) f$info$source = f$source;
if ( f?$is_orig ) f$info$is_orig = f$is_orig;
f$info$last_active = f$last_active;
f$info$seen_bytes = f$seen_bytes;
if ( f?$total_bytes ) f$info$total_bytes = f$total_bytes;